| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef NET_CERT_CT_SERIALIZATION_H_ |
| 6 #define NET_CERT_CT_SERIALIZATION_H_ |
| 7 |
| 8 #include <string> |
| 9 #include <vector> |
| 10 |
| 11 #include "base/strings/string_piece.h" |
| 12 #include "net/base/net_export.h" |
| 13 #include "net/cert/signed_certificate_timestamp.h" |
| 14 |
| 15 namespace net { |
| 16 |
| 17 // Utility functions for encoding/decoding structures used by Certificate |
| 18 // Transparency to/from the TLS wire format encoding. |
| 19 namespace ct { |
| 20 |
| 21 // If |input.signature_data| is less than kMaxSignatureLength, encodes the |
| 22 // |input| to |output| and returns true. Otherwise, returns false. |
| 23 NET_EXPORT_PRIVATE bool EncodeDigitallySigned(const DigitallySigned& input, |
| 24 std::string* output); |
| 25 |
| 26 // Reads and decodes a DigitallySigned object from |input|. |
| 27 // The bytes read from |input| are discarded (i.e. |input|'s prefix removed) |
| 28 // Returns true and fills |output| if all fields can be read, false otherwise. |
| 29 NET_EXPORT_PRIVATE bool DecodeDigitallySigned(base::StringPiece* input, |
| 30 DigitallySigned* output); |
| 31 |
| 32 // Encodes the |input| LogEntry to |output|. Returns true if the entry size |
| 33 // does not exceed allowed size in RFC6962, false otherwise. |
| 34 NET_EXPORT_PRIVATE bool EncodeLogEntry(const LogEntry& input, |
| 35 std::string* output); |
| 36 |
| 37 // Encodes the data signed by a Signed Certificate Timestamp (SCT) into |
| 38 // |output|. The signature included in the SCT is then verified over these |
| 39 // bytes. |
| 40 // |timestamp| timestamp from the SCT. |
| 41 // |serialized_log_entry| the log entry signed by the SCT. |
| 42 // |extensions| CT extensions. |
| 43 // Returns true if the extensions' length does not exceed |
| 44 // kMaxExtensionsLength, false otherwise. |
| 45 NET_EXPORT_PRIVATE bool EncodeV1SCTSignedData( |
| 46 const base::Time& timestamp, |
| 47 const std::string& serialized_log_entry, |
| 48 const std::string& extensions, |
| 49 std::string* output); |
| 50 |
| 51 // Decode a list of Signed Certificate Timestamps |
| 52 // (SignedCertificateTimestampList as defined in RFC6962): from a single |
| 53 // string in |input| to a vector of individually-encoded SCTs |output|. |
| 54 // This list is typically obtained from the CT extension in a certificate. |
| 55 // Returns true if the list could be read and decoded successfully, false |
| 56 // otherwise (note that the validity of each individual SCT should be checked |
| 57 // separately). |
| 58 NET_EXPORT_PRIVATE bool DecodeSCTList(base::StringPiece* input, |
| 59 std::vector<base::StringPiece>* output); |
| 60 |
| 61 // Decodes a single SCT from |input| to |output|. |
| 62 // Returns true if all fields in the SCT could be read and decoded, false |
| 63 // otherwise. |
| 64 NET_EXPORT_PRIVATE bool DecodeSignedCertificateTimestamp( |
| 65 base::StringPiece* input, |
| 66 ct::SignedCertificateTimestamp* output); |
| 67 |
| 68 } // namespace ct |
| 69 |
| 70 } // namespace net |
| 71 |
| 72 #endif // NET_CERT_CT_SERIALIZATION_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 37633002:
CT: First step towards supporting Certificate Transparency in Chrome. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master